Description

BACKGROUND OF THE INVENTION 

1. Field of the Invention

[0001] The present invention relates to a remote authentication system in which identification of an individual by biometrics and the decision whether that individual holds an access right to information and applications are made centrally by a single authentication terminal.

2. Description of the Related Art 

[0002] Conventionally, an information processing system connected to a network requires, for security, an operation that identifies an individual in order to decide whether access by that individual is permitted or inhibited, i.e. authentication. Likewise, an automatic teller machine of a bank or the like generally carries out authentication to identify an individual and to allow access to the individual's transaction information, such as the balance of a deposit. Authentication of an individual is also carried out on entry to or departure from a research site with high security requirements or a members' club.

[0003] Authentication, i.e. identification of an individual and verification of that individual's qualification, is carried out using a magnetic card or IC card having the same function as an ID card, something the individual remembers such as a password, or a combination of these. However, a password may be forgotten, and a magnetic card or IC card may become unusable for authentication through loss or breakage. Someone other than the person in question may be authenticated as that person after theft of the card or leakage of the password. To keep security high, the person in question must be reliably authenticated as himself or herself. If this is addressed by making the password more complicated or by adopting a one-time password (OTP), memorizing becomes correspondingly harder or the authentication operation itself becomes complicated. Further, if authentication by memorized secrets is carried out over a wide area (e.g. several branches of a bank), the authentication information must be managed centrally.
[0004] Authentication by biometrics information, on the other hand, which represents living-body characteristics of an individual such as a fingerprint, a handprint, handwriting or the retina, removes this complication and also makes impersonation ("posing") difficult. If authentication by biometrics information is required over a wide region, centralized management and authentication are needed for the same reason and for the protection of privacy. When authentication by biometrics information is performed centrally, it is important to select a suitable method of authentication according to the security level of the matter, place or system requiring authentication as well as according to each user, and to acquire the authentication information accordingly.
[0005] The RADIUS server described in RFC 2138 (Remote Authentication Dial In User Service, hereinafter referred to as RADIUS; a revision of the previous RFC 2058), registered as an RFC (Request For Comments) of the IETF (Internet Engineering Task Force), performs authentication processing centrally in response to a request from a RADIUS client and sends back the result. In this case, however, the authentication means and authentication information are fixedly defined for each user. For this reason, when biometrics information is to be acquired, the authentication means and authentication information cannot be changed dynamically according to the acquisition environment.

[0006] One example of such prior art is the "authentication method on a network" disclosed in JP-A-9-81518. In this method, when a user host accesses an application server, the application server requests an authentication server to authenticate the user using fixed authentication means and authentication information, and receives the result of the authentication.
[0007] Biometrics information is effective for discriminating an individual from other persons. However, it raises problems of privacy protection and of sanitary acquisition when the biometrics acquisition device itself is dirty or unpleasant to use.
[0008] US-A-4 993 068 discloses an unforgeable personal identification system for identifying users at remote access control sites. The system generates one-way encrypted versions of physically immutable identification credentials (facial photo, retinal scan, voice and fingerprints). These credentials are stored on a portable memory device. At a remote access control site, the user presents the portable memory device and the encrypted identification credentials are read. The user then physically submits his physical identification characteristics to the remote access control site. A comparison is performed between the credentials obtained from the memory device and the user's physical identity to determine whether to allow or deny access at the remote site. The credentials can be used singly or in combination for comparison with the user's physical identity. Further, attribute or privilege information can be added to the credentials and coupled with the immutable physical traits. Such data may include medical information about the user or particular privileges held by the user, such as organizational affiliations, security clearance levels, passport and visa information or financial information.

SUMMARY OF THE INVENTION 

[0009] The present invention has been accomplished to solve the problems described above, and intends to provide a remote authentication system and remote authentication method which can reliably identify an individual and decide the presence or absence of an access right of that individual when the individual is authenticated using biometrics information, and which can also improve ease of use.

[0010] This object is achieved according to the invention by a remote authentication system comprising the features of claim 1.

[0011] The present invention provides a remote authentication system having a network connected to an authentication server, an authentication client and a user terminal for accessing data from the authentication client, in which a user accessing the authentication client is authenticated through the user terminal. The system comprises plural kinds of biometrics acquisition devices connected to the user terminal, and plural authentication information acquisition software programs (S/W) stored in the authentication server according to the user terminal and/or the user. In authentication, a prescribed authentication information acquisition S/W corresponding to the user terminal is downloaded from the authentication server, and under its operation biometrics information acquired by one or more kinds of biometrics acquisition devices and/or keyed-in user identification information are used, these being selected depending on the secrecy level of the data to be accessed.

BRIEF DESCRIPTION OF THE DRAWINGS 
[0012] 

Fig. 1 is a block diagram of the first embodiment of a Web system to which the remote authentication system according to the present invention is applied.

Fig. 2 is a timing chart for explaining the processing of authentication in the Web system of Fig. 1.
Fig. 3 is a graph for explaining a first example of an 
authentication information database in the authen- 
tication server terminal in Fig. 1. 
Fig. 4 is a graph for explaining a first example of the authentication information acquisition S/W pool in the authentication server terminal in Fig. 1.
Fig. 5 is a graph for explaining a second example of an authentication information database in the authentication server terminal in Fig. 1.
Fig. 6 is a graph for explaining another part of the second example of the authentication information database in the authentication server terminal in Fig. 1.
Fig. 7 is a graph for explaining a third example of an authentication information database in the authentication server terminal in Fig. 1.
Fig. 8 is a timing chart for explaining the authentication processing of the third example in the Web system shown in Fig. 1.

Fig. 9 is a block diagram of the second embodiment 
of the Web system to which a remote authentication 
system according to the present invention is ap- 
plied. 



Fig. 10 is a timing chart for explaining the authentication processing in the Web system shown in Fig. 9.

Fig. 11 is a timing chart for explaining the case where a rejection occurs, as the third embodiment of the Web system in Fig. 1.

Fig. 12 is a schematic view of the fourth embodiment of the Web system in Fig. 1.



EMBODIMENTS 

[0013] Now referring to the drawings, an explanation 
will be given of embodiments of the present invention. 


Embodiment 1 

[0014] Fig. 1 shows the configuration of the first embodiment, in which the present invention is applied to a Web system. A network 2 is connected to an authentication server terminal 3, an authentication client terminal 4 (a Web server terminal in this embodiment), a user terminal 5, etc. In such a Web system 1, when the Web server terminal 4 is accessed by a user through the user terminal 5, it obtains individual authentication of the user from the authentication server terminal 3 and, on the basis of the result, provides service to the user.
[0015] The authentication server terminal 3 is a computer device such as a personal computer, workstation, etc. (which may include a CPU, memory, disk, communication control unit, etc. as described hereinafter) which stores an authentication control unit 3A, an authentication information database 3B and an authentication information acquisition software pool 3C (hereinafter, software will be referred to as S/W). The Web server terminal 4 is a computer device such as a personal computer, workstation, etc. in which a Web server database 4A, an authentication request unit 4B and a Web server S/W 4C requiring authentication of a user are operated.
[0016] The user terminal device 5 is composed of a browser 5A for displaying information from the Web server terminal 4 and a computer device, such as a personal computer or workstation, in which authentication information acquisition S/W 5B is operated. The user terminal device 5 is connected to a biometrics acquisition device 6. The biometrics acquisition device 6 includes a fingerprint acquisition device 7 and a handprint acquisition device 8, which acquire a fingerprint and a handprint of a living body, respectively, as biometrics information through image processing; a letter recognition tablet 9 for acquiring handwriting written by a user as biometrics information; and a retina information acquisition device 10 for acquiring retina information of a living body as biometrics information by scanning the eyeground.

[0017] The processing flow of authentication in such a Web system is shown in Fig. 2. First, an explanation will be given of the case where a user accesses information of a high secrecy degree in the Web server database 4A of the Web server terminal 4, which is the client of authentication, using the browser 5A, an application operating in the user terminal device 5 (SP1). The Web server S/W 4C, the application controlling access to this highly secret information, must authenticate the user in order to decide whether the user has an access right (SP10).
[0018] Namely, the Web server S/W 4C in the Web server terminal 4 informs the authentication request unit 4B of the necessity of user authentication together with a client ID (identifier of the authentication request unit), an application ID (identifier of the Web server S/W 4C, the application requiring authentication) and an access data class (secrecy level of the data accessed by the user) (SP11). The authentication request unit 4B transmits an authentication request for the user, inclusive of the above information, to the authentication server terminal 3.

[0019] The authentication control unit 3A in the authentication server terminal 3, having received the authentication request, selects an authentication information acquisition S/W 11 on the basis of the authentication client ID, application ID and access data class (SP20). The authentication information acquisition S/W 11 acquires a predetermined item of authentication information; it may also acquire a plurality of items. The authentication control unit 3A transfers the selected authentication information acquisition S/W 11 to the Web server terminal 4, the client of authentication (SP21).

[0020] The authentication request unit 4B in the Web server terminal 4 delivers the transferred authentication information acquisition S/W 11 to the Web server S/W 4C and instructs it to acquire the authentication information from the user. On this instruction, the authentication information acquisition S/W 11 is transferred from the Web server S/W 4C to the user terminal 5 (SP12).

[0021] The browser 5A in the user terminal 5 receives the transferred authentication information acquisition S/W 11 and runs it as the authentication information acquisition S/W 5B (SP2). The authentication information acquisition S/W 5B then acquires a user ID (name, firm, member number, address, affiliation, telephone number, or an ID allotted to the individual by the system), biometrics information such as a fingerprint, a handprint, handwriting or the retina, and authentication information of the kind normally used in a conventional computer system, such as a password or one-time password. In doing so it may cooperate with other S/W, such as a driver for the device acquiring the authentication information. The authentication information acquisition S/W 5B transfers the acquired user ID and authentication information to the Web server terminal 4 through the browser 5A (SP3).

[0022] The authentication request unit 4B in the Web server terminal 4 transfers the user ID and authentication information acquired from the user to the authentication server terminal 3 through the Web server S/W 4C (SP13). The authentication control unit 3A in the authentication server terminal 3 executes the user authentication using the transferred user ID and authentication information (SP22). The transferred authentication information, such as the biometrics information, is checked against the individual's information initially stored in the authentication information database 3B of the authentication server terminal 3. Only if all items of transferred authentication information check out is the user decided to be the person in question, and this result is reported to the Web server terminal, the client of authentication. If at least one check fails, the user is decided not to be the person in question, and this is reported to the Web server terminal (SP23).

[0023] The authentication request unit 4B in the Web server terminal 4, the client of authentication, receives the result of authentication and informs the Web server S/W 4C of it. On the basis of this result, the Web server S/W 4C decides whether access by the user to the highly secret information in the Web server database 4A is permitted or inhibited (SP14). If permitted, the operation requested by the user, such as displaying the secret information, is carried out.

[0024] Additionally, encrypting the communication between the user terminal 5 (authentication information acquisition S/W 5B) and the Web server terminal 4, and between the Web server terminal 4 and the authentication server terminal 3 (authentication control unit 3A), keeps the authentication information concealed and reduces the threat of impersonation. Likewise, encrypting end to end between the user terminal 5 (authentication information acquisition S/W 5B) and the authentication server terminal 3 (authentication control unit 3A), rather than hop by hop between the individual terminals, also reduces the threat of impersonation.



[0025] Referring to Figs. 3 and 4, an explanation will be given of a simple example of the database structure and of the selection processing of the authentication information acquisition S/W. The authentication information database 3B in Fig. 3 includes, as information allotted to each user, the items user ID, user level and authentication information. The user ID includes a name, firm, member number, address, affiliation, telephone number, or any value allotted to the individual by the system. The user level represents the access level to secret information. The authentication information is biometrics information such as fingerprint, handprint, handwriting or retina information, and authentication information such as a password, one-time password, etc.
[0026] As seen from Fig. 4, the authentication information acquisition S/W pool 3C stores authentication information acquisition S/Ws 11 such as one acquiring both fingerprint and retina information and one acquiring fingerprint information of two fingers. The pool 3C lists the authentication information acquisition S/Ws 11 that are selectable for each secrecy level and data class.
[0027] Taking as an example the case where a user accesses information of data class 17 in the Web server database 4A, an explanation will be given of the mechanism by which the authentication server terminal 3 selects the authentication information acquisition S/W 11. In this case, the authentication client ID, i.e. the identifier of the authentication request unit 4B, is 15, and the application ID, i.e. the identifier of the Web server S/W 4C, is 25. When access to data class 17 occurs, the Web server S/W 4C informs the authentication request unit 4B of the necessity of user authentication. The authentication request unit 4B transmits the authentication request for the user, inclusive of data class 17, authentication client ID 15 and application ID 25, to the authentication server terminal 3, which receives the authentication request with these items of information.

[0028] The authentication control unit 3A in the authentication server terminal 3 finds, from the database of the authentication information acquisition S/W pool 3C in Fig. 4, that the data class of the authentication request corresponds to level 2, and takes as selectable candidates the authentication information acquisition S/Ws 11 of level 2 or higher.

Example 2 

[0029] Referring to Figs. 5 and 6, an explanation will be given of another embodiment of the part of the authentication information database corresponding to that shown in Fig. 3. These figures list the selectable authentication information acquisition S/Ws 11 for each authentication client ID and for each application ID, respectively. The authentication control unit 3A in the authentication server terminal 3 finds the candidate authentication information acquisition S/Ws 11 selectable for the authentication client ID and for the application ID. Thus, on the basis of the data class, A, B, C, D, E and F are candidates; on the basis of the authentication client ID, C, D and E are candidates; and on the basis of the application ID, A, D, E and F are candidates. The candidates common to all three conditions are D and E, so one of them will finally be selected.

[0030] From the candidates of selectable authentication information acquisition S/Ws, the authentication server terminal 3 picks one S/W either at random, by a fixed definition, or by sequential selection. In this embodiment, the authentication means and authentication information can thus be selected flexibly according to the environment, namely the data class of the accessed information, the authentication request unit 4B operating in the device that is the client of authentication, and the Web server S/W 4C that is the using application. Identification of the individual and the decision on the presence or absence of the individual's access right can therefore be made reliably according to the environment.

Example 3 


[0031] An explanation will be given of the case where a user ID is included in the authentication request and the authentication information database shown in Fig. 3 is set out in detail as shown in Fig. 7. The flow of processing in this embodiment is shown in Fig. 8, in which like reference numerals refer to like parts in Fig. 2. First, the Web server terminal 4 acquires a user ID (name, firm, member number, address, affiliation, telephone number, or an ID allotted to the individual by the system) and requests the authentication request unit 4B to authenticate the user with the acquired user ID, the client ID (identifier of the authentication request unit 4B), the application ID (identifier of the Web server S/W 4C, the application requiring authentication) and the access data class (secrecy level of the data accessed by the user).

[0032] The authentication information database shown in Fig. 7 includes, in addition to the contents of Fig. 3, information allotted to each individual such as the type of user (data manager or general user), the usable authentication client IDs, the usable application IDs, application control information that is delivered to the application when the user is authenticated as the person in question, checking logs (the past selection status of the authentication information acquisition S/W for a prescribed number of authentications, and the checking rate), the total number of times of authentication, the selection condition, etc.

[0033] Where the authentication request includes the user ID, the authentication information acquisition S/W is selected in accordance with the selection condition for the user in question. For example, if the user ID is 1 and the other conditions are the same as in the previous example (i.e. data class = 17, authentication client ID = 15 and application ID = 25), the authentication request unit 4B transmits to the authentication server terminal 3 an authentication request for the user inclusive of user ID = 1, data class = 17, authentication client ID = 15 and application ID = 25.

[0034] The authentication server terminal 3 receives the authentication request inclusive of the above information. As in the above embodiment, on the basis of the data class, A, B, C, D, E and F are candidates; on the basis of the authentication client ID, C, D and E are candidates; and on the basis of the application ID, A, D, E and F are candidates, so that finally either D or E will be selected. Further, since the user ID is 1, the authentication control unit 3A makes the selection on the basis of the total number of times of authentication. The selection condition specifies that the first selection is D, the second is E, the third is E, the fourth is E, and so on. Since the total number of times of authentication for user ID = 1 is 20, this is the 21st time, and therefore D is selected as the authentication information acquisition S/W 11.

Other Examples

[0035] Further, as shown in Fig. 7, if the authentication client IDs and application IDs usable by each user are designated in the authentication information database 3B, access control can be realized such that the authentication information acquisition S/W 11 is sent to a user only when the requesting authentication client ID and application ID are among those designated. In the present case, since the usable client IDs include 15 and the usable application IDs include 25, sending of the authentication information acquisition S/W 11 is permitted.

[0036] Permission or inhibition of the authentication information acquisition S/W 11 can also be decided on the basis of the user type shown in Fig. 7. If, as for the user, a secrecy level is allotted to the authentication client and to the application, the authentication server terminal 3 can select the authentication information acquisition S/W 11 on the basis of the levels of the authentication client, the application and the access data class. For example, control can be exercised so as to select an authentication information acquisition S/W whose level is at least the highest of these three levels.
[0037] The processing after sending the authentication information acquisition S/W 11 differs from the example described above in that only the authentication information is sent back, because the user ID has already been acquired. Further, using Key = 1, the application control information in Fig. 7 that is delivered to the application when the person in question is authenticated, the Web server terminal 4 can realize a variety of access controls.

[0038] In the above example, the total number of times of authentication was used as the selection condition, as one example of the checking rate in Fig. 7. If instead the checking evaluation is used as the selection condition, then among the authentication information acquisition S/Ws 11 of level 2 or higher, the one with the highest checking evaluation in the past is looked up in the user's checking logs and selected. In the present case, E, which had the highest checking evaluation at the last time, is selected.

[0039] There is also an example in which the transfer of the authentication information acquisition S/W from the authentication server terminal 3 to the authentication client is omitted. Namely, where the authentication information acquisition S/W is fixedly determined by the Web server terminal, which is the authentication client in the Web system 1 described above, and the Web server terminal 4 has previously acquired the authentication information acquisition S/W 11, the authentication server terminal 3 need only designate that S/W to the Web server terminal 4, without transferring the authentication information acquisition S/W itself.
[0040] As described above, where authentication is executed using biometrics information in the Web system 1, the authentication information acquisition S/W that dynamically acquires the information required for authentication is selected in accordance with the environment (the user who made the access, the data class of the accessed information, the authentication request unit 4B operating in the Web server terminal 4 that is the client of authentication, the Web server S/W 4C that is the using application, etc.) and with the authentication history (i.e. the status at the time of authentication). In this way, identification of an individual and the decision on the presence or absence of the individual's access right can be made reliably according to the environment.

Embodiment 2

[0041] The second embodiment of the present invention is a simplification of the first embodiment. In Fig. 9, in which like reference numerals refer to like parts in Fig. 1, the user terminal which acquires the biometrics information is the same terminal as the authentication client. An example of an application requiring authentication is a database retrieval application 5E for executing database retrieval. The user terminal 5 includes a local database 5C used by the database retrieval application 5E, an authentication request unit 5D, and a computer (personal computer or workstation) in which the database retrieval application 5E and the authentication information acquisition S/W 11 are operated. The biometrics acquisition device 6 is connected to the user terminal 5 and has entirely the same configuration as in the first embodiment. The authentication server terminal 3 also has entirely the same configuration as in the first embodiment.
[0042] An explanation will be given of the operation of the remote authentication system according to the second embodiment of the present invention. In Fig. 10, in which like reference numerals refer to like parts in Figs. 2 and 8, when the database retrieval application 5E accesses the secret information in the local database 5C (SP5), it first acquires a user ID (name, firm, member number, address, affiliation, telephone number, or an ID allotted to the individual by the system) (SP6), and requests the authentication request unit 5D to authenticate the user with the acquired user ID, the client ID (identifier of the authentication request unit 5D), the application ID (identifier of the database retrieval application 5E, the application requiring authentication) and the access data class (secrecy level of the data accessed by the user) (SP7).

[0043] The authentication server terminal 3 executes the same authentication operation as in the first embodiment. The authentication request unit 5D of the user terminal 5, having received the result of authentication, informs the database retrieval application 5E of it. On the basis of the result, the database retrieval application 5E decides whether access by the user to the highly secret information in the local database 5C is permitted or inhibited (SP8). If permitted, the operation requested by the user, such as displaying the secret information, is carried out. In this configuration, in which the user terminal 5 itself issues the authentication request, the same effect as in the first embodiment is obtained.

Embodiment 3 

[0044] In Fig. 11, in which like reference numerals refer to like parts in Figs. 2 and 8, a procedure (SP2B, SP12A) is proposed in which the user rejects the authentication information acquisition S/W when the individual authentication information specified by the authentication information acquisition S/W 11 transferred from the authentication server terminal 3 does not agree with the user's intention. The authentication server terminal 3, having received the rejection of acquisition, selects another authentication information acquisition S/W (SP20A). This is, however, limited to the case where another authentication information acquisition S/W can be selected, as described in connection with Fig. 4.

[0045] Where biometrics are used as the authentication information of an individual, the user must be able to reject a particular biometrics acquisition device 6 that is dirty or unpleasant to use. Although biometrics are effective for discriminating an individual from other persons, they raise problems of privacy protection and sanitation, as described above. For this reason, the user must be able to reject or change the biometrics acquisition.

[0046] Where the biometrics acquisition device 6 is not trusted in terms of security, the user may intend to specify information other than biometrics, i.e. an alternative means such as a one-time password (OTP), even though it is more complicated. In such a case, in accordance with the user's intention to reject or change, the authentication information acquisition S/W which dynamically acquires the information for authentication can be selected so as to identify the individual and decide the presence or absence of the individual's access right reliably according to the environment.

Embodiment 4 

[0047] This embodiment, as a means of obtaining the same effect as the third embodiment, builds the mechanism for selecting the acquired authentication information into the authentication information acquisition S/W itself of the first and second embodiments. In the first embodiment, the authentication information acquisition S/W itself can offer the choice between authentication D, by both fingerprint and handwriting, and authentication E, by fingerprint only. In this case, the authentication server transfers an authentication information acquisition S/W capable of acquiring both D and E.

[0048] The configuration and operation procedure of the Web system 1 itself are the same as in the first and second embodiments. The image of the authentication information acquisition S/W displayed on the user's side is shown in Fig. 12. The user selects either D or E as the authentication means and authentication information for himself. When he pushes either select button 12A or 12B, the authentication information acquisition S/W is operated to acquire the authentication information actually selected. The authentication server terminal 3 determines from the received authentication information which types it contains and decides whether authentication can be made with that set of information. Thus, the same effect as in the third embodiment is obtained.

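
The selection and checking logic of the third and fourth embodiments, written out as an added example that is not part of the patent: a policy table keyed by the secret level of the data lists the factor sets the server accepts, in order of preference (set D, fingerprint and handwriting; set E, fingerprint only; OTP-based fallbacks for a rejected or untrusted device as in paragraph [0046]). The server offers the first set the terminal's devices can acquire and the user has not rejected, and stops when no alternative remains (the limitation noted in [0044]); on receipt it judges the information by the types it contains and accepts only a set the policy permits for that level, which is also how a set the user reproduces from memory under [0050] is checked. The factor labels, the two secret levels, the ordering of fallbacks, the enrolment record and all function names are assumptions made for the illustration.

```python
"""Server-side factor selection and checking, modelled on the third and
fourth embodiments.  Added illustration, not code from the patent; factor
labels, secret levels, the policy table and the enrolment data are assumed."""

from __future__ import annotations

import hmac
from typing import Callable, FrozenSet, Optional

# Factor types.  Fingerprint, handwriting and a one-time password are the
# examples the text names; the string labels are an assumption.
FINGERPRINT = "fingerprint"
HANDWRITING = "handwriting"
OTP = "otp"

# Authentication D (fingerprint and handwriting) and E (fingerprint only)
# follow paragraph [0047]; the OTP-based sets model the fallback of [0046].
SET_D = frozenset({FINGERPRINT, HANDWRITING})
SET_E = frozenset({FINGERPRINT})
SET_OTP_HW = frozenset({HANDWRITING, OTP})
SET_OTP = frozenset({OTP})

# Acceptable factor sets per secret level of the data to be accessed, in
# order of server preference (assumed levels and ordering).
POLICY: dict[str, list[FrozenSet[str]]] = {
    "high": [SET_D, SET_OTP_HW],
    "normal": [SET_E, SET_OTP],
}

ALL_DEVICES = frozenset({FINGERPRINT, HANDWRITING, OTP})

# Constructed enrolment record for one user.  Real deployments store
# biometric templates and compare with a matcher and a threshold; a plain
# constant-time equality check stands in for that here.
ENROLLED: dict[str, dict[str, str]] = {
    "alice": {FINGERPRINT: "fp-sample-alice",
              HANDWRITING: "hw-sample-alice",
              OTP: "482913"},
}


def select_acquisition(level: str, available: FrozenSet[str],
                       rejected: FrozenSet[FrozenSet[str]]) -> Optional[FrozenSet[str]]:
    """Pick the most preferred factor set for `level` that the terminal's
    devices can acquire and that the user has not rejected (SP20/SP20A).
    Returns None when no alternative remains, the limitation noted in [0044]."""
    for factor_set in POLICY.get(level, []):
        if factor_set in rejected or not factor_set <= available:
            continue
        return factor_set
    return None


def negotiate(level: str, available: FrozenSet[str],
              user_rejects: Callable[[FrozenSet[str]], bool]) -> Optional[FrozenSet[str]]:
    """Embodiment 3 loop: offer factor sets until the user accepts one
    (SP2B -> SP20A) or the server runs out of alternatives."""
    rejected: set[FrozenSet[str]] = set()
    while True:
        choice = select_acquisition(level, available, frozenset(rejected))
        if choice is None or not user_rejects(choice):
            return choice
        rejected.add(choice)


def verify_received(level: str, user: str, received: dict[str, str]) -> bool:
    """Server-side decision of [0048]: judge the received information by the
    types it contains, not by which button the client pressed, and accept
    only a set the policy allows for this level.  A set the user reproduces
    from memory ([0050]) is checked the same way: a wrong or incomplete
    combination fails before any value is compared."""
    if frozenset(received) not in POLICY.get(level, []):
        return False
    enrolled = ENROLLED.get(user, {})
    return all(
        kind in enrolled and hmac.compare_digest(value, enrolled[kind])
        for kind, value in received.items()
    )


if __name__ == "__main__":
    # The user finds the fingerprint sensor dirty and rejects every set using it.
    chosen = negotiate("high", ALL_DEVICES, lambda s: FINGERPRINT in s)
    print("offered after rejections:", sorted(chosen))  # ['handwriting', 'otp']
    print(verify_received("high", "alice",
                          {HANDWRITING: "hw-sample-alice", OTP: "482913"}))  # True
    print(verify_received("high", "alice", {FINGERPRINT: "fp-sample-alice"}))  # False: set E is too weak for "high"
```

The point to take from it is that the client's choice (select button 12A or 12B, or the user's own operation under [0049] and [0050]) is never trusted on its own: one server-side check decides whether the set that actually arrived is sufficient for the data requested, and the fallback loop ends without authentication when the terminal has no device left that satisfies the policy.
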
[0049] In the first to fourth embodiments, the authentication information to be acquired has been determined by the authentication information acquisition S/W. Instead, the authentication information to be acquired may merely be displayed on a screen. For example, in accordance with the number of authentications specified in the detailed database of the first embodiment, the instruction to transfer fingerprint information and handwriting information is displayed on the screen. The user then operates the software for acquiring the authentication information himself in accordance with the displayed contents, and transfers the authentication information thus acquired to the authentication server terminal 3.

[0050] The required transfer need not be displayed concretely; instead, the authentication information to be transferred may have been notified to the user beforehand. In this case the user operates the software for acquiring the authentication information himself, acquires from memory all the items of information previously notified by a manager, and transfers the acquired authentication information to the authentication server. In this way the same effect as in the first embodiment is realized. In this case, in which the authentication information to be transferred is notified beforehand rather than displayed, the choice of acquisition means itself serves as a kind of password: the required combination of items is known only to the user and the manager. Security of the acquisition of authentication information can therefore be improved further.

[0051] In the first to fourth embodiments, the authentication of an individual user was made by the Web server terminal 4. The present invention, however, is not limited to this and may be widely applied to any general controller that requires identification of an individual user, such as an arrival/departure terminal device connected to a network.

[0052] As described above, in accordance with the present invention, when authentication is to be made using biometrics information, the authentication server freely selects and acquires the biometrics acquisition device and the authentication information in accordance with the environment in which the user's biometrics information is acquired. Thus a remote authentication system capable of identifying a user and deciding the presence or absence of the user's access right can be reliably realized.

[0053] If the designated authentication information is not satisfactory to the user, he can change the authentication information to be acquired or reject its acquisition. Even when the biometrics acquisition device itself is dirty or unpleasant to use, or the device for acquiring the biometrics information is not reliable, identification of the user and the decision on the presence or absence of the user's access right can be made by an alternative means.



Claims 

1. A remote authentication system having a network (2) which is connected to an authentication server (3), an authentication client (4) and a user terminal (5) for accessing data from the authentication client (4), in which authentication of the user accessing the authentication client (4) is made through the user terminal (5),

wherein said system comprises:

plural kinds of biometrics acquisition devices (7-10) connected to said user terminal (5); and

plural authentication information acquisition software programs stored in said authentication server (3) according to the user terminal (5) and/or a user;

wherein, in accordance with the operation of a prescribed authentication acquisition software program corresponding to the user terminal (5), which is downloaded from the authentication server (3) in authentication, biometrics information acquired by one or plural kinds of biometrics acquisition devices and/or keyed-in user discrimination information are used, characterized in that said biometrics information and/or user discrimination information are selected depending on the secret level of the data to be accessed.



Patent Claims (German version, translated to English)

1. Remote authentication system having a network (2) which is connected to an authentication server (3), an authentication client (4) and a user terminal (5) for accessing data from the authentication client (4), in which an authentication of the user accessing the authentication client (4) is performed through the user terminal (5), which system comprises:

several kinds of devices (7-10) for acquiring biometric features, which are connected to the user terminal (5); and

several pieces of authentication-information-acquisition software, which are stored in the authentication server (3) according to the user terminal (5) and/or a user;

wherein, in accordance with the operation of a prescribed authentication-acquisition software corresponding to the user terminal (5), which is downloaded from the authentication server (3) during authentication, biometric information acquired by one or more kinds of devices for acquiring biometric features and/or entered user discrimination information are used, characterized in that the biometric information and/or user discrimination information are selected depending on the secrecy level of the data to be accessed.


Claims (French version, translated to English)

1. Remote authentication system having a network (2) which is connected to an authentication server (3), an authentication client (4) and a user terminal (5) for accessing data from the authentication client (4), in which the authentication of the user accessing an authentication client (4) is carried out through the user terminal (5),

wherein said system comprises:

several types of biometrics acquisition devices (7-10) connected to said user terminal (5); and a plurality of authentication information acquisition programs stored in said authentication server (3) according to the user terminal (5) and/or a user;

wherein, in accordance with the operation of a prescribed authentication acquisition program according to the user terminal (5), which is downloaded from the authentication server (3) during authentication, biometrics information acquired by one or more types of biometrics acquisition devices and/or user discrimination information entered at the keyboard are used, characterized in that said biometrics information and/or said user discrimination information are selected according to the secret level of the data to be accessed.

Drawings: FIG. 1, FIG. 3, FIG. 6, FIG. 9, FIG. 10, FIG. 12 (figures not reproduced in this text).